DESCRIPTION

SECURITY COMMUNICATION PACKET PROCESSING APPARATUS AND THE METHOD THEREOF

BACKGROUND OF THE INVENTION 
(1) Field of the Invention 

The present invention relates to a security communication packet processing apparatus for secret communication by a data packet and the method therefor, and more specifically relates to a technique for speeding up and reducing delay in security ensuring processing.



(2) Description of the Prior Art

As TCP/IP networks such as the Internet have rapidly become widespread in recent years, various kinds of net businesses such as electronic music distribution and shopping on the Web have been spotlighted and developed one after another. Although it is the major premise of these kinds of net businesses that secure and credible business is guaranteed between a service provider and a user, the Internet is generally considered to be an insecure network because it is always at risk of interception and impersonation by a cracker. Network security techniques such as electronic authentication, encryption of communication data and firewalls therefore come into the picture. Although these techniques have been realized mainly by software, demand for high-speed processing by hardware such as a cipher processing chip or a cipher circuit board has increased in preparation for the future broader bandwidth of communication channels in TCP/IP infrastructures.

In a computer or a network connection device having a security communication function such as IPSec (IP Security Protocol Suite), conventional processing for a packet that requires both encryption processing and authentication processing is performed as shown in the flowchart of Fig. 1. For a packet (such as an IP packet) that requires encryption processing (Step 701), the plaintext packet is first divided into data blocks for the encryption processing (Step 702), the encryption processing of these data blocks is performed (Step 703), and they are reconstructed as an encrypted packet (Step 704). Next, when the packet requires authentication processing (Step 705), the encrypted packet is divided into data blocks for the authentication processing (Step 706), the authentication processing of these data blocks is performed (Step 707), and they are reconstructed as an authentication-processed packet (Step 708).
However, according to the above-mentioned method, packet construction processing needs to be performed twice (Step 704 and Step 708 in Fig. 1) for a packet that requires both encryption processing and authentication processing. Therefore, when both the encryption processing and the authentication processing are performed, there is a problem of slower processing, decreased throughput and ineffective use of the encryption processing unit or the authentication processing unit. Also, according to this method, there is a problem that a plaintext packet that should be processed with priority cannot be processed with priority while another packet is being processed. Further, when only one encryption processing unit and one authentication processing unit are mounted, there is a problem that it is impossible to realize high-speed throughput by simultaneous processing of plural packets.

SUMMARY OF THE INVENTION 
It is accordingly a first object of the present invention, in the light of the above-mentioned problems, to provide a security communication packet processing apparatus that makes it possible to speed up processing, reduce delay of the processing, increase throughput and use the encryption processing unit and the authentication processing unit effectively when both the encryption processing and the authentication processing are performed.

Also, the second object of the present invention is to 
provide a security communication packet processing apparatus 
that makes it possible to perform at least one of the encryption 
(or decryption) processing and the authentication processing 
for plural packets simultaneously and in parallel. 

Further, the third object of the present invention is to 
provide a security communication packet processing apparatus 
with high processing efficiency that makes it possible to 
perform the processing by using only a required processing unit 
corresponding to a packet type among one or more encryption 
processing units and authentication processing units. 

Further, the fourth object of the present invention is to 
provide a security communication packet processing apparatus 
that makes it possible to control the priority processing of a 
packet for the encryption (including decryption) processing and 
the authentication processing. 

The above-mentioned first object may be achieved by the security communication packet processing apparatus according to the present invention, which is a network connection device or a computer having the security communication function, comprising an encryption processing unit for processing a data block for encryption processing, an authentication processing unit for processing a data block for authentication processing, and an encryption and authentication processing control unit for outputting the data block for the encryption processing and the information necessary for the encryption processing to the encryption processing unit, outputting the data block for the authentication processing and the information necessary for the authentication processing to the authentication processing unit, and controlling the encryption processing unit and the authentication processing unit, wherein the data blocks which were processed in the encryption processing unit are accumulated until the accumulated amount thereof reaches the smallest data block size for the authentication processing, a data block accumulation unit that outputs the accumulated amount to the authentication processing unit when it reaches the smallest data block size for the authentication processing is comprised, the encryption processing unit performs the processing of the data block for the next encryption processing while the authentication processing unit is processing the data block outputted from the data block accumulation unit, and the data block accumulation unit accumulates the data block for the next authentication processing. As a result, by making the data block necessary and sufficient for the encryption processing or the authentication processing the processing unit for a packet requiring both the encryption processing and the authentication processing, the processing delay is reduced, the throughput is improved, and the encryption processing unit and the authentication processing unit can be used effectively.

The above-mentioned second object may be achieved by the security communication packet processing apparatus according to the present invention, wherein the number of at least one of the encryption processing unit and the authentication processing unit is two or more, and the number of data block accumulation units is equal to that of the encryption processing units. As a result, plural packets can be processed in parallel, and security processing with high throughput can be realized.

The above-mentioned third object may be achieved by the security communication packet processing apparatus according to the present invention comprising a data path connection switching unit that, according to the processing command of the encryption and authentication processing control unit, connects the output of the encryption and authentication processing control unit and the input of the encryption processing unit when the data block outputted from the encryption and authentication processing control unit is a data block for the encryption processing, connects the output of the encryption and authentication processing control unit and the input of the authentication processing unit when the data block outputted from the encryption and authentication processing control unit is a data block for the authentication processing, connects the output of the encryption processing unit and the input of the data block accumulation unit when the data block processed in the encryption processing unit further requires the authentication processing, and connects the output of the data block accumulation unit and the input of the authentication processing unit when the data accumulated in the data block accumulation unit is ready to be outputted. As a result, since the encryption processing unit, the data block accumulation unit and the authentication processing unit do not always need to correspond to each other one to one even when there are plural encryption processing units and/or authentication processing units, a data block requiring the authentication processing after the encryption processing can be outputted to an arbitrary data block accumulation unit, and the output of the data block accumulation unit can be outputted to an arbitrary authentication processing unit. Therefore, the encryption processing unit, the data block accumulation unit and the authentication processing unit can be used more effectively, and the encryption processing unit and the authentication processing unit can be easily replaced and their number can be easily increased.

The above-mentioned fourth object may be achieved by the security communication packet processing apparatus according to the present invention, wherein a processing data saving unit for temporarily saving, according to the instructions of the encryption and authentication processing control unit, the data block processed in the encryption processing unit or the authentication processing unit and the data block accumulated in the data block accumulation unit, along with the information on the data block, is provided separately in a part of or all of the encryption processing unit, the authentication processing unit and the data block accumulation unit. As a result, the packet can be processed according to its priority. Also, in the security communication packet processing apparatus according to the present invention, the processing data saving unit for temporarily saving the data block processed in the encryption processing unit or the authentication processing unit and the data block accumulated in the data block accumulation unit, along with the information on the data block, according to the instructions of the encryption and authentication processing control unit, may be provided in common to an arbitrary combination of the encryption processing unit, the authentication processing unit and the data block accumulation unit. As a result, since an arbitrary encryption processing unit, authentication processing unit or data block accumulation unit connected to the processing data saving unit can use the one common processing data saving unit, and an arbitrary encryption processing unit, authentication processing unit or data block accumulation unit connected to the processing data saving unit can restart the processing of a data block whose processing was suspended midway and saved in the processing data saving unit, the above-mentioned fourth object can be achieved in a structure different from that of the above-mentioned security communication packet processing apparatus.

Here, in the above-mentioned security communication packet processing apparatus, the data block for the encryption processing can be 64 bits, and the data block for the authentication processing can be 512 bits. In this case, the data block accumulation unit may output the data blocks when it has accumulated eight encrypted data blocks.

Note that the present invention can be realized as security communication packet processing methods in which the characteristic control units of the above-mentioned security communication packet processing apparatus are processing steps, or as a program for making a computer perform these processing steps. And, the program can, of course, be distributed via a recording medium such as a CD-ROM or a transmitting medium such as a communication network.

BRIEF DESCRIPTION OF THE DRAWINGS 

These and other objects, advantages and features of the invention will become apparent from the following description thereof taken in conjunction with the accompanying drawings which illustrate a specific embodiment of the invention. In the Drawings:

Fig. 1 is a flowchart showing a conventional processing procedure for a packet that requires both encryption processing and authentication processing.

Fig. 2 is a block diagram showing a structure of a security communication packet processing apparatus according to the first embodiment of the present invention.

Fig. 3 is a diagram describing control of the data path in an encryption and authentication processing control unit.

Fig. 4A is a block diagram showing an example of a detailed structure of an encryption processing unit.

Fig. 4B is a diagram showing an example of the encryption (or the decryption) processing in a block encryption unit as shown in Fig. 4A.

Fig. 5A is a data flow diagram showing a function of a data block accumulation unit.

Fig. 5B is a flowchart showing a processing procedure in the data block accumulation unit.

Fig. 6A is a block diagram showing an example of a detailed structure of an authentication processing unit.

Fig. 6B is a diagram showing an outline of hash processing in a hash circuit as shown in Fig. 6A.

Fig. 7 is a diagram showing an operation timing of the encryption processing in the encryption processing unit and the authentication processing in the authentication processing unit.

Fig. 8 is a diagram showing an example of an application to a product of the security communication packet processing apparatus according to the first embodiment of the present invention.

Fig. 9A is a functional block diagram showing a structure of a security gateway as shown in Fig. 8.

Fig. 9B shows a protocol stack indicating the communication functions of the security gateway.

Fig. 10 is a block diagram showing a structure of the security communication packet processing apparatus according to the second embodiment of the present invention.

Fig. 11 is a flowchart showing an operation procedure of the security communication packet processing apparatus.

Fig. 12 is a block diagram showing a structure of the security communication packet processing apparatus according to the third embodiment of the present invention.

Fig. 13 is a flowchart showing an operation procedure of the security communication packet processing unit.

Fig. 14 is a block diagram showing a structure of the security communication packet processing apparatus according to the fourth embodiment of the present invention.

Fig. 15 is a flowchart showing an operation procedure of the security communication packet processing apparatus.

Fig. 16 is a block diagram showing a structure of the security communication packet processing apparatus according to the fifth embodiment of the present invention.

Fig. 17 is a flowchart showing an operation procedure of the security communication packet processing apparatus.

Fig. 18 is a block diagram of the security communication packet processing apparatus as an example of the variation.

DESCRIPTION OF THE PREFERRED EMBODIMENTS 

The following is an explanation of the embodiments of the present invention with reference to figures.

First, the security communication packet processing apparatus according to the first embodiment of the present invention will be explained.

Fig. 2 is a block diagram showing a structure of a security communication packet processing apparatus 100 according to the first embodiment of the present invention. The security communication packet processing apparatus 100 according to the first embodiment performs, in units of a block, the encryption (including decryption) processing and the authentication processing required for a packet such as an inputted IP packet, reconstructs it as a packet and outputs it. The security communication packet processing apparatus 100 is characterized by having an essential and fundamental structure that can complete both the encryption (including decryption) processing and the authentication processing with only one packet reconstruction processing, and comprises four circuit blocks which are connected in a fixed manner, that is, an encryption and authentication processing control unit 101, an encryption processing unit 102, a data block accumulation unit 103 and an authentication processing unit 104, and a packet construction unit 105.

Note that, according to this embodiment, packets that are inputted to the encryption and authentication processing control unit 101 are classified into four types according to the processing which should be performed on the packets. The first type is a packet (a transmitting packet) which requires both the encryption processing and the authentication processing, the second type is a packet (a receiving packet) which requires both the decryption processing and the authentication processing, the third type is a packet which requires either the encryption processing or the decryption processing, and the fourth type is a packet which requires the authentication processing only.

The encryption and authentication processing control unit 101 receives a packet which should be processed from outside and the information required for the processing of the packet (hereinafter referred to as "processing information"), and based on the processing information, performs control of the other components 102~105 (that is, control of them to operate ON/OFF, etc.) and control of determining the data path. Further, it divides a packet into data blocks for the encryption processing (or decryption processing) of B1 (64, for example) bit length as the processing unit of the encryption processing unit 102, so as to output them including the processing information thereof to the encryption processing unit 102, and divides a packet into data blocks for the authentication processing of B2 (512, for example) bit length as the processing unit of the authentication processing unit 104, so as to output them including the processing information thereof to the authentication processing unit 104.

"Processing information" here includes whether the encryption processing is to be performed or not, whether the authentication processing is to be performed or not, and which processing is performed, the encryption processing or the decryption processing. When the encryption processing is to be performed, it includes the algorithm, key information and IV (Initial Vector), and when the authentication processing is to be performed, it includes the algorithm, the necessary key information and an authentication value. Note that the cipher algorithms include DES (Data Encryption Standard) and 3DES. Also, the authentication algorithms include HMAC-MD5-96 and HMAC-SHA-1-96. Further, since a packet and its processing information are associated with each other by an identification number, etc., a mechanism is guaranteed not to confuse plural packets when they are inputted in sequence to the encryption and authentication processing control unit 101.

Fig. 3 is a diagram describing control of the data path in the encryption and authentication processing control unit 101. When the encryption and authentication processing control unit 101 determines, based on the processing information, that the corresponding packet is a transmitting packet of the first type as mentioned above, that is, a packet that requires both encryption processing and authentication processing, it controls the components 102~105 respectively so that a data flow is formed as shown in the data path diagram 111 of Fig. 3. In other words, the encryption processing by the encryption processing unit 102 and the authentication processing by the authentication processing unit 104 are sequentially performed on the packet in units of a data block, and the result of the authentication processing (the authentication value) is inputted to the packet construction unit 105, as well as the result of the encryption processing by the encryption processing unit 102 (the encrypted data block) being inputted to the packet construction unit 105.

Also, when the encryption and authentication processing control unit 101 determines that a packet is a receiving packet of the second type as mentioned above, that is, a packet that requires both decryption processing and authentication processing, it controls the components 102~105 respectively so that a data flow is formed as shown in the data path diagram 112 of Fig. 3. In other words, the decryption processing by the encryption processing unit 102 and the authentication processing by the authentication processing unit 104 are performed in parallel on the packet in units of a data block, and these results (that is, the decrypted data block and the authentication value) are inputted to the packet construction unit 105.

Also, when the encryption and authentication processing control unit 101 determines that a packet is of the third type, that is, a packet that requires either encryption processing or decryption processing, it controls the components 102~105 respectively so that a data flow is formed as shown in the data path diagram 113 of Fig. 3. In other words, the encryption processing or the decryption processing by the encryption processing unit 102 and the authentication processing by the authentication processing unit 104 are performed in parallel on the packet in units of a data block, and these results (that is, the encrypted or the decrypted data block and the authentication value) are inputted to the packet construction unit 105.

Further, when the encryption and authentication processing control unit 101 determines that a packet is of the fourth type, that is, a packet that requires the authentication processing only, it controls the components 102~105 so that a data flow is formed as shown in the data path diagram 114 of Fig. 3. In other words, the packet is forwarded to the packet construction unit 105, while the authentication processing by the authentication processing unit 104 is performed on the packet in units of a data block, and the result (that is, the authentication value) is inputted to the packet construction unit 105.

The encryption processing unit 102, which is a circuit or the like that performs block encryption and decryption according to a cipher algorithm such as DES or 3DES, performs the encryption processing on a data block for encryption (or decryption) processing of B1 bits transmitted from the encryption and authentication processing control unit 101 in a predetermined number of steps (clock cycles), and outputs the result to the data block accumulation unit 103 or the packet construction unit 105 as the encrypted (or decrypted) data block.

Fig. 4A is a block diagram showing an example of a detailed structure of the encryption processing unit 102. The encryption processing unit 102 comprises an input block buffer 121 which stores an inputted data block for the encryption (or decryption) processing of B1 bits, a block encryption unit 122 which performs the block encryption (and decryption) and the processing of the key for the block encryption (and decryption), and an output block buffer 123 which stores the result of the encryption (or decryption) processing (that is, the encrypted (or the decrypted) data block of B1 bits).

Fig. 4B is a diagram showing an example of the encryption (or the decryption) processing in the block encryption unit 122 as shown in Fig. 4A. To a data block of B1 bits outputted from the input block buffer 121, a fixed bit permutation (initial permutation), then 16 rounds of scramble processing determined by a key, and finally a fixed bit permutation (final permutation) are applied. A secret key of K1 bits included in the processing information transmitted from the encryption and authentication processing control unit 101 is divided into 16 partial keys of K2 bits after certain processing for creating a key schedule is performed, and is used to take an exclusive OR with the data block in each corresponding scramble round and to determine the processing details of the bit permutation.

The data block accumulation unit 103 is a queue buffer or the like that accumulates the encrypted data blocks outputted from the encryption processing unit 102, and outputs data of B2 bits to the authentication processing unit 104 as a data block for the authentication processing when the accumulated amount reaches that of the data block (B2 bits) on which the authentication processing can be performed by the authentication processing unit 104.

Fig. 5A is a data flow diagram showing a function of the data block accumulation unit 103. Here, the bit length B2 of the data block for the authentication processing which is inputted to the authentication processing unit 104 is n times the bit length B1 of the encrypted data block which is outputted from the encryption processing unit 102. Fig. 5B is a flowchart showing a processing procedure in the data block accumulation unit 103. The data block accumulation unit 103, which is realized in a register file of B1 bit width with a counter, for example, repeats the processing (Steps 131~134) of resetting the counter (Step 131), accumulating the encrypted data blocks outputted from the encryption processing unit 102 (Steps 132 and 133), and, when the number of the data blocks reaches n (Step 133), outputting the n encrypted data blocks to the authentication processing unit 104 as parallel data of B2 bits, for example (Step 134).

The authentication processing unit 104, which is a circuit or the like that performs the authentication processing (that is, the processing including calculation of the ICV (Integrity Check Value) and verification of its integrity) according to an authentication algorithm such as HMAC-MD5-96 or HMAC-SHA-1-96, performs the authentication processing on the data blocks of B2 bits for the authentication processing transmitted from the encryption and authentication processing control unit 101 or the data block accumulation unit 103 in a predetermined number of steps (clock cycles), and outputs the result as the authentication value to the packet construction unit 105.

Fig. 6A is a block diagram showing an example of a detailed structure of the authentication processing unit 104. The authentication processing unit 104 comprises an input block buffer 141 that stores an inputted data block of B2 bits for the authentication processing, a hash circuit 142 that calculates a hash value of A (96, for example) bits for the m data blocks for the authentication processing which constitute one packet by performing certain hash processing on each data block for the authentication processing transmitted from the input block buffer 141, and an authentication value output buffer 143 that stores the calculated hash value as the authentication value.

Fig. 6B is a diagram showing an outline of the hash processing in the hash circuit 142 as shown in Fig. 6A. The data block of B2 bits inputted to the input block buffer 141 is processed in a certain manner based on the authentication value of A1 bits which is stored by the hash circuit 142 at that time so as to update the authentication value of A1 bits. The data block of B2 bits inputted next is processed in a certain manner based on the hash value of A1 bits which was just updated so as to further update the authentication value of A1 bits which is stored by the hash circuit 142. This processing is repeated, and a part of the hash value of A1 bits which was updated for the last data block of B2 bits is used as the authentication value of A2 bits for this packet.

The packet construction unit 105 lines up the encrypted (or decrypted) data blocks outputted from the encryption processing unit 102 in a certain order according to the processing information or the like which is informed from the encryption and authentication processing control unit 101 so as to accumulate them, and constructs a processed packet corresponding to one packet inputted to the encryption and authentication processing control unit 101 by incorporating the authentication value outputted from the authentication processing unit 104 at a predetermined location. More specifically, for a transmitting packet of the first type as mentioned above, an encrypted and authentication-processed packet in a predetermined format is reconstructed by accumulating the encrypted data blocks outputted from the encryption processing unit 102 as well as incorporating the authentication value outputted from the authentication processing unit 104. For a receiving packet of the second type as mentioned above, a decrypted and authentication-processed data block is reconstructed according to a predetermined format by accumulating the decrypted data blocks outputted from the encryption processing unit 102. Likewise, for the third type packet, an encrypted (or decrypted) packet in a predetermined format is reconstructed by accumulating the encrypted (or decrypted) data blocks outputted from the encryption processing unit 102, and for the fourth type packet, the packet inputted to the security communication packet processing apparatus 100 is constructed as an authentication-processed packet according to a predetermined format.

Note that reconstruction of an encrypted data block includes reconstruction for the cipher payload prescribed by IPSec (ESP: Encapsulating Security Payload) in a format corresponding to the tunnel mode and the transport mode. Similarly, reconstruction of an authentication value includes reconstruction for the authentication header prescribed by IPSec (AH: Authentication Header) in a format corresponding to the tunnel mode and the transport mode. Packet types such as IPv4 and IPv6 are included, for example.
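The single-pass data path 111 of Fig. 3, the accumulation procedure of Fig. 5B (Steps 131~134 with n = 8) and the per-block hash update of Fig. 6B, modelled in software as an added example that is not code from the patent. It assumes HMAC-SHA-1-96 for the authentication processing, CBC chaining from the IV in the encryption processing unit, a hypothetical 4-round Feistel network as a stdlib-only stand-in for DES, and a flush of a partial accumulation group at the end of a packet, which this excerpt does not spell out; it also models the receiving-side path 112 so that the round trip and an ICV mismatch can be checked.

```python
import hashlib
import hmac
from typing import Optional

B1_BYTES = 8                      # B1 = 64-bit encryption data block
B2_BYTES = 64                     # B2 = 512-bit authentication data block
N_BLOCKS = B2_BYTES // B1_BYTES   # n = 8 encrypted blocks per authentication block
A2_BYTES = 12                     # A2 = 96-bit authentication value (HMAC-SHA-1-96)

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def toy_block_cipher(key: bytes, block: bytes, decrypt: bool = False) -> bytes:
    """Hypothetical stand-in for DES in block encryption unit 122: a 4-round Feistel
    network with an HMAC-SHA-256 round function (stdlib-only, NOT a production cipher)."""
    left, right = block[:4], block[4:]
    for rnd in (range(3, -1, -1) if decrypt else range(4)):
        f = hmac.new(key, bytes([rnd]) + right, hashlib.sha256).digest()[:4]
        left, right = right, _xor(left, f)
    return right + left               # final swap: decryption reuses the same network

class EncryptionProcessingUnit:
    """Unit 102: one B1-bit block per call, CBC-chained from the IV."""
    def __init__(self, key: bytes, iv: bytes, decrypt: bool = False) -> None:
        self.key, self.prev, self.decrypt = key, iv, decrypt

    def process(self, block: bytes) -> bytes:
        if self.decrypt:
            out, self.prev = _xor(toy_block_cipher(self.key, block, True), self.prev), block
        else:
            out = self.prev = toy_block_cipher(self.key, _xor(block, self.prev))
        return out

class DataBlockAccumulationUnit:
    """Unit 103: register file of B1-bit width with a counter (Fig. 5B)."""
    def __init__(self, n: int = N_BLOCKS) -> None:
        self.n, self.regs = n, []         # Step 131: counter reset

    def push(self, block: bytes) -> Optional[bytes]:
        self.regs.append(block)           # Step 132: accumulate one block
        if len(self.regs) < self.n:       # Step 133: has the count reached n?
            return None
        return self.flush()               # Step 134: emit B2 bits, reset counter

    def flush(self) -> bytes:
        # Also used at end of packet for a partial group (assumed behaviour, not
        # spelled out in the excerpt); HMAC pads internally so nothing is lost.
        out, self.regs = b"".join(self.regs), []
        return out

class AuthenticationProcessingUnit:
    """Unit 104: hash circuit 142 updates an A1 = 160-bit state once per B2-bit
    block; the A2 = 96-bit authentication value is the truncated HMAC-SHA-1."""
    def __init__(self, key: bytes) -> None:
        self.mac, self.blocks_seen = hmac.new(key, digestmod=hashlib.sha1), 0

    def process(self, block: bytes) -> None:
        self.mac.update(block)
        self.blocks_seen += 1

    def authentication_value(self) -> bytes:
        return self.mac.digest()[:A2_BYTES]

def process_first_type_packet(plaintext, enc_key, iv, auth_key):
    """Data path 111: encrypt and authenticate in ONE pass over the blocks.
    Returns (ciphertext || ICV, number of B2-bit blocks unit 104 processed)."""
    if len(plaintext) % B1_BYTES:
        raise ValueError("plaintext must carry ESP padding to a B1 multiple")
    enc, acc = EncryptionProcessingUnit(enc_key, iv), DataBlockAccumulationUnit()
    auth, ciphertext = AuthenticationProcessingUnit(auth_key), []
    for i in range(0, len(plaintext), B1_BYTES):
        c = enc.process(plaintext[i:i + B1_BYTES])
        ciphertext.append(c)              # copy to packet construction unit 105
        b2 = acc.push(c)                  # copy to accumulation unit 103
        if b2 is not None:                # 104 hashes while 102 keeps encrypting
            auth.process(b2)
    if acc.regs:                          # partial group left at end of packet
        auth.process(acc.flush())
    return b"".join(ciphertext) + auth.authentication_value(), auth.blocks_seen

def process_second_type_packet(packet, enc_key, iv, auth_key):
    """Data path 112: decrypt and authenticate in parallel; unit 101 splits the
    ciphertext directly into B2-bit blocks for unit 104. None = ICV mismatch."""
    ct, icv = packet[:-A2_BYTES], packet[-A2_BYTES:]
    dec = EncryptionProcessingUnit(enc_key, iv, decrypt=True)
    auth = AuthenticationProcessingUnit(auth_key)
    plaintext = [dec.process(ct[i:i + B1_BYTES]) for i in range(0, len(ct), B1_BYTES)]
    for i in range(0, len(ct), B2_BYTES):
        auth.process(ct[i:i + B2_BYTES])
    if not hmac.compare_digest(auth.authentication_value(), icv):
        return None                       # packet construction unit discards it
    return b"".join(plaintext)

# Constructed sample input: 20 plaintext blocks = 2 full B2 groups + a 4-block tail.
SAMPLE_PLAINTEXT = bytes(range(160))
SAMPLE_ENC_KEY, SAMPLE_AUTH_KEY = b"example-enc-key!", b"example-auth-key"
SAMPLE_IV = bytes(B1_BYTES)
```

The property worth checking is that the ICV produced by the single-pass pipeline equals the HMAC over the complete ciphertext: the apparatus changes the scheduling of the two units, not the cryptographic result.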

Next, the operation of the security communication packet processing apparatus 100 according to this embodiment as structured above will be explained respectively for the cases in which the above-mentioned four types of packets are inputted.

First, the processing in the case that the first type packet, that is, a packet that requires both encryption processing and authentication processing, is inputted to the security communication packet processing apparatus 100 (the processing corresponding to the data path diagram 111 in Fig. 3) will be explained.

As the first step, the encryption and authentication 
processing control unit 101 receives a packet which should be 
processed and the processing information thereof. The 
encryption and authentication processing control unit 101 
judges from the processing information that the packet is a 
transmitting packet that requires both encryption processing 
and authentication processing, divides the packet into data 
blocks for the encryption processing, and sequentially 
transmits them along with the processing information thereof 
to the encryption processing unit 102. 

As the second step, the encryption processing unit 102 
receives the processing information and the data blocks for the 
encryption processing from the encryption and authentication 
processing control unit 101, determines from the processing 
information a cipher algorithm, a key, an IV and an encryption 
processing method which should be applied to the data block, 
and encrypts the data blocks for the encryption processing 
according to the processing method. Note that this may be 
realized so that plural cipher algorithms can be processed in the 
encryption processing unit 102. The encrypted data blocks 
are outputted to the packet construction unit 105 and, at the 
same time, outputted to the data block accumulation unit 103 
along with the processing information necessary for the 
following authentication processing. Note that the encryption 
processing unit 102 performs the processing repeatedly every 
time the next data block for the encryption processing is 
inputted. 

As the third step, the data block accumulation unit 103 
successively accumulates the encrypted data blocks outputted 
from the encryption processing unit 102 until they reach the 
data block size necessary for the authentication processing, and 
when they reach that size, it outputs them along with the 
processing information thereof to the authentication processing 
unit 104. The data block accumulation unit 103 judges the 
accumulation status, that is, whether the accumulated amount 
of the encrypted data blocks is equal to the data block size for 
the authentication, by counting the amount with an 
accumulated block counter or the like that the data block 
accumulation unit 103 has. Note that this may alternatively be 
realized so that the encryption and authentication processing 
control unit 101 has the accumulated block counter. 

The data block accumulation unit 103 accumulates the 
next encrypted data block every time it is inputted, repeats 
judgment of whether the number of the data blocks reaches n 
pieces, and when it reaches n, outputs the accumulated data 
blocks to the authentication processing unit 104. 

As the fourth step, the authentication processing unit 104 
receives the encrypted data blocks for the authentication 
processing and the processing information thereof from the 
data block accumulation unit 103, performs the authentication 
processing according to the processing information, and 
calculates the authentication value. The output value of the 
authentication processing unit 104 is the authentication value 
of the packet which is now being processed. 

The first through fourth steps as mentioned above are 
repeatedly applied to all the data blocks that require both 
encryption processing and authentication processing among 
transmitting packets that require both encryption processing 
and authentication processing. 

Finally, as the fifth step, the packet construction unit 105 
constructs an encrypted and authentication-processed packet 
corresponding to one packet inputted to the encryption and 
authentication processing control unit 101 by lining up the 
encrypted data blocks outputted from the encryption 
processing unit 102 in a predetermined order so as to 
accumulate them, and incorporating the authentication value 
outputted from the authentication processing unit 104 into a 
predetermined location. 

Fig. 7 is a diagram showing the operation timing of the 
encryption processing in the encryption processing unit 102 
and the authentication processing in the authentication 
processing unit 104. Here, one packet is divided into m x n 
data blocks for the encryption processing, and n data blocks for 
the encryption processing (the encrypted data blocks) 
correspond to one data block for the authentication processing. 
Therefore, one packet is divided into m data blocks for the 
authentication processing. As shown in Fig. 7, the encrypted 
data blocks produced by the encryption processing unit 102 are 
accumulated in the data block accumulation unit 103 one by 
one. When n encrypted data blocks have been accumulated in 
the data block accumulation unit 103, these n encrypted data 
blocks are taken from the data block accumulation unit 103 and 
transferred to the authentication processing unit 104, where 
the authentication processing is performed on them as the first 
data block for the authentication processing. In this way, the 
encryption processing and the authentication processing are 
repeated in parallel. As a result, the encryption processing is 
performed m x n times on this one transmitting packet, and the 
authentication processing is performed m times. Note that 
since the length, the encryption and authentication algorithms 
and other attributes of a transmitting packet inputted to the 
security communication packet processing apparatus 100 are 
not fixed, the numbers of times of the encryption processing 
and the authentication processing are determined dynamically 
based on the processing information accompanying the 
packet. 
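The data path of Fig. 7 can be modelled in software to check that feeding the authentication processing unit n encrypted blocks at a time gives the same authentication value as the conventional encrypt, reconstruct, re-divide and authenticate flow of Fig. 1, while the packet is constructed only once. The following is an added example, not code from the patent; it assumes a 16-byte encryption data block (B1), n = 4, counter-mode encryption keyed with HMAC-SHA256 as the keystream PRF in place of the unspecified cipher, an HMAC-SHA256 authentication value over IV and ciphertext truncated to 96 bits as in ESP, and that a trailing partial accumulation is flushed to the authentication processing unit (the text does not say how a final group of fewer than n blocks is handled).

```python
"""Software model of the first-embodiment data path: units 101-105 for a
type-1 (encrypt + authenticate) transmit packet and a type-2 receive packet.
Added example; cipher, block sizes and ICV layout are assumptions."""
import hashlib
import hmac

B1 = 16            # assumed size of one data block for encryption processing
N = 4              # n: encrypted blocks per authentication data block
B2 = N * B1        # size of one data block for authentication processing
ICV_LEN = 12       # 96-bit authentication value as used by ESP (assumed)


def encrypt_block(key: bytes, iv: bytes, index: int, block: bytes) -> bytes:
    """Encryption processing unit 102 for one B1-byte block.
    Counter mode with HMAC-SHA256 as the keystream PRF (an assumed cipher);
    because the step is an XOR, decryption is the same operation."""
    keystream = hmac.new(key, iv + index.to_bytes(4, "big"), hashlib.sha256).digest()[:B1]
    return bytes(p ^ k for p, k in zip(block, keystream))


def pipelined_send(enc_key: bytes, auth_key: bytes, iv: bytes, plaintext: bytes):
    """Type-1 path: 101 divides, 102 encrypts, 103 accumulates n blocks,
    104 authenticates each accumulated group, 105 builds the packet once.
    Returns (packet, encryption_ops, authentication_ops)."""
    if len(plaintext) % B1:
        raise ValueError("plaintext must be padded to a multiple of B1")
    auth = hmac.new(auth_key, iv, hashlib.sha256)   # unit 104; ICV covers IV || ciphertext
    accumulator: list[bytes] = []                    # unit 103
    ciphertext_blocks: list[bytes] = []              # input queue of unit 105
    enc_ops = auth_ops = 0
    for i in range(len(plaintext) // B1):            # unit 101 divides into B1 blocks
        c = encrypt_block(enc_key, iv, i, plaintext[i * B1:(i + 1) * B1])
        enc_ops += 1
        ciphertext_blocks.append(c)                  # to unit 105 ...
        accumulator.append(c)                        # ... and to unit 103 at the same time
        if len(accumulator) == N:                    # accumulated block counter reached n
            auth.update(b"".join(accumulator))       # one B2-sized authentication data block
            auth_ops += 1
            accumulator.clear()
    if accumulator:                                  # assumption: flush a trailing partial group
        auth.update(b"".join(accumulator))
        auth_ops += 1
    packet = iv + b"".join(ciphertext_blocks) + auth.digest()[:ICV_LEN]   # unit 105, once
    return packet, enc_ops, auth_ops


def conventional_send(enc_key: bytes, auth_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Prior-art flow of Fig. 1: encrypt, reconstruct the encrypted packet,
    then divide it again and authenticate the reconstructed bytes."""
    ciphertext = b"".join(encrypt_block(enc_key, iv, i, plaintext[i * B1:(i + 1) * B1])
                          for i in range(len(plaintext) // B1))
    encrypted_packet = iv + ciphertext                              # first construction
    icv = hmac.new(auth_key, encrypted_packet, hashlib.sha256).digest()[:ICV_LEN]
    return encrypted_packet + icv                                   # second construction


def pipelined_receive(enc_key: bytes, auth_key: bytes, packet: bytes):
    """Type-2 path: 101 duplicates the packet; one copy is divided into B1
    blocks for 102 (decryption), the other into B2 blocks for 104, the two
    paths run independently, and 105 assembles the result once.
    Returns (plaintext, icv_valid)."""
    iv, body, icv = packet[:B1], packet[B1:-ICV_LEN], packet[-ICV_LEN:]
    auth = hmac.new(auth_key, iv, hashlib.sha256)
    for j in range(0, len(body), B2):                # authentication copy, B2-sized blocks
        auth.update(body[j:j + B2])
    plaintext = b"".join(encrypt_block(enc_key, iv, i, body[i * B1:(i + 1) * B1])
                         for i in range(len(body) // B1))   # decryption copy, B1 blocks
    return plaintext, hmac.compare_digest(auth.digest()[:ICV_LEN], icv)


if __name__ == "__main__":
    # constructed sample keys, IV and payload (not taken from the patent)
    ek, ak, iv = b"\x11" * 32, b"\x22" * 32, b"\x33" * B1
    payload = bytes(range(176))                      # 11 blocks: 2 full groups of n plus 3 left over
    pkt, e, a = pipelined_send(ek, ak, iv, payload)
    print(f"{e} encryption ops, {a} authentication ops, packet {len(pkt)} bytes")
    print("matches conventional flow:", pkt == conventional_send(ek, ak, iv, payload))
    pt, ok = pipelined_receive(ek, ak, pkt)
    print("receive path verified:", ok and pt == payload)
```

With a 128-byte payload the model performs m x n = 8 encryption operations and m = 2 authentication operations, as the paragraph states; the 176-byte payload exercises the partial final group.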

Next, the processing process in the case that the second 
type packet, that is, a receiving packet that requires both 
decryption processing and authentication processing is 
inputted to the security communication packet processing 
apparatus 100 (the processing process corresponding to the 
data path diagram 112 in Fig. 3) will be explained. 

As the first step, the encryption and authentication 
processing control unit 101 receives a packet which should be 
processed and the processing information thereof. The 
encryption and authentication processing control unit 101 
judges from the processing information that the packet is a 
receiving packet that requires both decryption processing and 
authentication processing, and duplicates the packet. It then 
divides one copy into data blocks for the decryption processing, 
as a packet for the decryption processing, and outputs them 
along with the processing information thereof to the encryption 
processing unit 102, and divides the other copy into data blocks 
for the authentication processing, as a packet for the 
authentication processing, and outputs them along with the 
processing information thereof to the authentication processing 
unit 104. 

As the second step, the following two types of processing 
are performed in parallel. As the first processing, the 
encryption processing unit 102 decrypts the received data 
blocks based on the processing information thereof, and 
outputs them to the packet construction unit 105. As the 
second processing, the authentication processing unit 104 
performs the authentication processing on the received data 
blocks for authentication processing, and calculates the 
authentication value. 
The above-mentioned first and second steps are 
repeatedly applied to all the data blocks that require both 
decryption processing and authentication processing among 
the receiving packets that require both the decryption 
processing and the authentication processing. 

Finally, as the third step, the packet construction unit 105 
lines up the decrypted data blocks outputted from the 
encryption processing unit 102 in a predetermined order to 
accumulate them according to the processing information 
informed by the encryption and authentication processing 
control unit 101, and incorporates the authentication value 
outputted from the authentication processing unit 104 into a 
predetermined location so as to construct a decrypted and 
authentication-processed packet corresponding to one packet 
inputted to the encryption and authentication processing 
control unit 101. 

Next, the processing process in the case that the third 
type packet, that is, a packet that requires the encryption 
processing or the decryption processing is inputted to the 
security communication packet processing apparatus 100 (the 
processing process corresponding to the data path diagram 113 
in Fig. 3) will be explained in detail. 

As the first step, the encryption and authentication 
processing control unit 101 receives a packet which should be 
processed and the processing information thereof. The 
encryption and authentication processing control unit 101 
judges from the processing information that the packet is a 
packet that requires the encryption processing or the 
decryption processing, divides it into data blocks for the 
encryption processing, and outputs them along with the 
processing information thereof to the encryption processing 
unit 102. 
As the second step, the encryption processing unit 102 
receives the data blocks for encryption processing and the 
processing information thereof, performs the encryption 
processing or the decryption processing according to the 
processing information, and outputs them to the packet 
construction unit 105 as processed data blocks. 

The above-mentioned first and second steps are 
repeatedly applied to all the data blocks that require the 
encryption processing or the decryption processing among the 
packets that require either the encryption processing or the 
decryption processing. 

Finally, as the third step, the packet construction unit 105 
lines up the encryption (or decryption)-processed data blocks 
outputted from the encryption processing unit 102 in a 
predetermined order to accumulate them according to the 
processing information informed by the encryption and 
authentication processing control unit 101, and constructs an 
encryption (or decryption)-processed packet corresponding to 
one packet inputted to the encryption and authentication 
processing control unit 101. 

Next, the processing process in the case that the fourth 
type packet, that is, a packet that requires the authentication 
processing only, is inputted to the security communication 
packet processing apparatus 100 (the processing process 
corresponding to the data path diagram 114 in Fig. 3) will be 
explained. 

As the first step, the encryption and authentication 
processing control unit 101 receives a packet which should be 
processed and the processing information thereof. The 
encryption and authentication processing control unit 101 
judges from the processing information that the packet is a 
packet that requires the authentication processing only, divides 
it into data blocks for the authentication processing, and 
outputs them along with the processing information thereof to 
the authentication processing unit 104. 

As the second step, the authentication processing unit 
104 receives the data blocks for the authentication processing 
and the processing information thereof, performs the 
authentication processing according to the processing 
information, and calculates the authentication value. 

The above-mentioned first and second steps are 
repeatedly applied to all the data blocks that require the 
authentication processing among the packets that require the 
authentication processing only. 

Finally, as the third step, the packet construction unit 105 
incorporates the authentication value outputted from the 
authentication processing unit 104 into the packet inputted to 
the security communication packet processing apparatus 100 
according to the processing information that is informed by the 
encryption and authentication processing control unit 101 so as 
to construct an authentication-processed packet corresponding 
to one packet inputted to the encryption and authentication 
processing control unit 101. 

As mentioned above, according to the security 
communication packet processing apparatus 100 of this 
embodiment, a packet inputted to the security communication 
packet processing apparatus 100 is judged to be one of the four 
types of packets, divided into data blocks of the required size, 
and encrypted (or decrypted) and authenticated, and is then 
restored to a processed packet by only one packet 
reconstruction. 

In other words, conventionally, encryption processing is 
first performed on a transmitting packet that requires both 
encryption processing and authentication processing to 
construct it as an encrypted packet, and then it is again divided 
into data blocks for the authentication processing to be 
authenticated, so the packet needs to be constructed twice, 
after the encryption processing and after the authentication 
processing, and the authentication processing unit 104 must 
wait until the encrypted data blocks are reconstructed as a 
packet. On the other hand, according to this embodiment, the 
data block accumulation unit 103 is provided between the 
encryption processing unit 102 and the authentication 
processing unit 104 so that data blocks of a size necessary and 
sufficient for the processing are always inputted to the 
encryption processing unit 102 and the authentication 
processing unit 104, and the divided packet is reconstructed 
only once for any security processing. That is, since the data 
block accumulation unit 103 accumulates encrypted data 
blocks until they reach the data block size required for the 
authentication processing, and then outputs them to the 
authentication processing unit 104, the input waiting time of 
the authentication processing unit 104 is drastically reduced 
compared with the conventional method. Accordingly, 
improvement of throughput, reduction of delay and speeding 
up of the security processing of the packet, as well as effective 
use of the encryption processing unit and the authentication 
processing unit, become possible. 
Fig. 8 is a diagram showing an example of an application 
to a product of the security communication packet processing 
apparatus 100 according to the first embodiment of the present 
invention. Here, the appearance of a security gateway 160 
which functions as a router and a firewall is illustrated. The 
security gateway 160 is a communication apparatus that 
securely interconnects a WAN 161, which is a public 
communication network such as the Internet, and a LAN 162, 
which is a private communication network connecting plural 
computers and other devices for in-house use. More 
specifically, this security gateway 160 is, for example, a gateway 
at the IP level conforming to the IPSec specifications disclosed 
in Request For Comments 2401 to 2410 published by the IETF 
(Internet Engineering Task Force). To an IP packet outputted 
from the LAN 162 to the WAN 161, the encryption processing 
and the authentication processing, the encryption processing 
only, or the authentication processing only are performed 
according to need, while to an IP packet outputted from the 
WAN 161 to the LAN 162, the decryption processing and the 
authentication processing, the decryption processing only, or 
the authentication processing only are performed, so as to 
connect plural communication apparatuses via the WAN 161 
through a secure communication path which can eliminate 
fraudulent practices such as interception or pretence by a third 
party. 

Fig. 9A is a functional block diagram showing the structure 
of the security gateway 160 shown in Fig. 8, and Fig. 9B shows 
a protocol stack indicating the communication functions of the 
security gateway 160. The security gateway 160 comprises the 
security communication packet processing apparatus 100 of 
this embodiment, which is realized by an LSI or the like, a WAN 
interface 165 which is a communication interface connected to 
the WAN 161, a LAN interface 166 which is a communication 
interface connected to the LAN 162, and a network controller 
167 that converts data inputted and outputted via these two 
interfaces 165 and 166 according to the protocol stack shown 
in Fig. 9B, and controls the security communication packet 
processing apparatus 100 to perform the encryption (or the 
decryption) processing and the authentication processing on an 
IP packet. 

This security gateway 160 speeds up secret 
communication via the Internet. The communication speed and 
security of an Internet phone requiring real-time 
communication, of an interactive communication such as an 
electronic settlement, and of distribution of a digital work such 
as a moving image, for example, are dramatically improved. 

Note that, according to the security communication 
packet processing apparatus 100 of this embodiment, the 
transfer of data between each component and the data path are 
determined and controlled under the control of the encryption 
and authentication processing control unit 101, but instead of 
this or in addition to this, the transfer of data among the 
encryption and authentication processing control unit 101, the 
encryption processing unit 102, the data block accumulation 
unit 103 and the authentication processing unit 104 may be 
realized, for example, by two-way handshaking between each 
processing unit. 

Also, the security communication packet processing 
apparatus 100 of this embodiment may be realized by an LSI 
and an FPGA (Field Programmable Gate Array), or the 
encryption processing unit 102 and the authentication 
processing unit 104 may be realized by a DSP (Digital Signal 
Processor). 

Further, although the data block accumulation unit 103 is 
provided independently of the authentication processing unit 
104 in this embodiment, the present invention is not always 
limited to this structure, and the data block accumulation unit 
103 may be realized in the manner that it is included in the 
authentication processing unit 104. 

Next, the security communication packet processing 
apparatus according to the second embodiment of the present 
invention will be explained. 

Fig. 10 is a block diagram showing the structure of the 
security communication packet processing apparatus 200 
according to the second embodiment of the present invention. 
The security communication packet processing apparatus 200 
of this embodiment is an example of an apparatus that has two 
or more encryption processing units and/or authentication 
processing units, and has the same number of data block 
accumulation units as encryption processing units. Here, the 
second embodiment has a structure in which a pair of 
combinations of one encryption processing unit, one data block 
accumulation unit and one authentication processing unit 
(hereinafter referred to as "a packet processing module") are 
arranged in parallel, that is, a structure corresponding to two 
units of the security communication packet processing 
apparatus 100 according to the first embodiment. More 
specifically, the security communication packet processing 
apparatus 200 comprises the packet processing module 
including an encryption processing unit 202a, a data block 
accumulation unit 203a, an authentication processing unit 
204a and a packet construction unit 205a, the packet 
processing module including an encryption processing unit 
202b, a data block accumulation unit 203b, an authentication 
processing unit 204b and a packet construction unit 205b, and 
an encryption and authentication processing control unit 201. 
Note that the encryption processing units 202a, 202b, 
the data block accumulation units 203a, 203b, the 
authentication processing units 204a, 204b, and the packet 
construction units 205a, 205b have the same functions as the 
encryption processing unit 102, the data block accumulation 
unit 103, the authentication processing unit 104 and the packet 
construction unit 105 according to the first embodiment, 
respectively. Further, ID numbers are allocated to the 
encryption processing units 202a, 202b, the authentication 
processing units 204a, 204b and the data block accumulation 
units 203a, 203b respectively so as to identify them uniquely. 
The second embodiment, particularly the points different from 
the first embodiment, will be explained as follows. 

The encryption and authentication processing control 
unit 201 has a control function to use the pair of packet 
processing modules effectively as resources, in addition to the 
functions of the encryption and authentication processing 
control unit 101 of the first embodiment. More specifically, the 
encryption and authentication processing control unit 201 
keeps track of the processing status of the respective processing 
units 202a to 205a and 202b to 205b, that is, whether they are 
performing processing (BUSY) or are ready for processing 
(READY), by receiving from each processing unit BUSY signals 
indicating that it is performing processing and READY signals 
indicating that it is ready for processing. Here, when both of the 
two encryption processing units 202a and 202b are ready for 
processing, the encryption processing unit with the smallest ID 
number is used by priority. The same applies when the two 
authentication processing units are ready for processing at the 
same time. 

However, when the encryption processing is performed to 
a transmitting packet that requires both encryption processing 
and authentication processing, in the encryption processing 
unit 202b, for example, the encryption and authentication 
processing control unit 201 controls so that the encrypted data 
blocks outputted from the encryption processing unit 202b are 
inputted to the authentication processing unit 204b after they 
are accumulated in the data block accumulation unit 203b and 
reconstructed in the packet construction unit 205b. That is, 
for a transmitting packet that requires both encryption 
processing and authentication processing, the data block 
accumulation unit, the authentication processing unit and the 
packet construction unit for the processing thereof are 
self-determined depending upon which encryption processing 
unit performed the processing. In sum, encryption (or 
decryption) processing, accumulation of data blocks, 
authentication processing and reconstruction of a packet are 
performed by the processing units in the same packet 
processing module. 

Fig. 11 is a flowchart showing an operation procedure of 
the security communication packet processing apparatus 200. 
When the encryption and authentication processing control unit 
201 receives a packet that requires the encryption processing, 
the authentication processing or both of them and the 
processing information thereof, it specifies the encryption 
processing unit 202a or 202b which is ready for processing 
when the packet requires the encryption processing, and 
outputs the packet (the divided data blocks) and the processing 
information thereof to the encryption processing unit 202a or 
202b. On the other hand, when the packet requires the 
authentication processing only, the encryption and 
authentication processing control unit 201 specifies the 
authentication processing unit 204a or 204b which is ready for 
processing, and outputs the packet (the divided data blocks) 
and the processing information thereof to the authentication 
processing unit 204a or 204b (Step 211). The following 
encryption (or decryption) processing and authentication 
processing are performed according to the method as described 
in the first embodiment, that is, the procedure along with any 
of the four types of data paths depending upon a type of a 
packet (Step 212). 

As described above, according to the security 
communication packet processing apparatus 200 of this 
embodiment, two or more encryption processing units and/or 
authentication processing units are provided, plural packets 
are allocated by the encryption and authentication processing 
control unit to encryption processing units or authentication 
processing units that are in an idle condition, and the 
encryption processing and authentication processing are 
performed on the plural packets in parallel. This avoids the 
problem that plural packets requiring the encryption processing 
or the authentication processing are inputted one after another 
to a single packet processing module, each waiting for it to 
return to the ready-for-processing state, so that a transmission 
delay is caused; thereby the transmission speed of secret 
communication is improved. 

Note that although, according to this embodiment, a 
structure in which a pair of combinations of an encryption 
processing unit, an authentication processing unit and a data 
block accumulation unit are arranged in parallel is explained, 
the present invention is not always limited to the 
above-mentioned structure, and a structure in which the 
encryption processing units and the authentication processing 
units are provided so that the sum of the processing 
performance of the encryption processing units is equal to that 
of the authentication processing units may be realized. In this 
case, the ratio of the number of the encryption processing units 
to the number of the authentication processing units is given by 
the number of the encryption processing units : the number of 
the authentication processing units = nT1 : T2, where the size 
of a data block for the encryption processing is B1, the size of a 
data block for the authentication processing is B2 (= nB1), the 
number of processing steps per block of the encryption 
processing unit is T1, and the number of processing steps per 
block of the authentication processing unit is T2. Note that B1, 
B2, n, T1 and T2 are all natural numbers. 
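The ratio nT1 : T2 follows from equating the aggregate throughput of the two kinds of processing units. The derivation below is added here and is not part of the patent text; it uses the paragraph's B1, B2 = nB1, T1 and T2, and writes N_E and N_A for the numbers of encryption and authentication processing units.

$$\text{throughput per encryption processing unit} = \frac{B_1}{T_1}, \qquad \text{throughput per authentication processing unit} = \frac{B_2}{T_2} = \frac{nB_1}{T_2}$$

$$N_E \cdot \frac{B_1}{T_1} = N_A \cdot \frac{nB_1}{T_2} \;\Longrightarrow\; \frac{N_E}{N_A} = \frac{nT_1}{T_2}, \quad \text{i.e.}\quad N_E : N_A = nT_1 : T_2 .$$

For instance, with constructed values B1 = 16, n = 4 (so B2 = 64), T1 = 10 and T2 = 20 steps per block, the encryption units deliver 1.6 bytes per step each and the authentication units 3.2 bytes per step each, so N_E : N_A = 40 : 20 = 2 : 1, two encryption processing units per authentication processing unit.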

Next, the security communication packet processing 
apparatus according to the third embodiment of the present 
invention will be explained. 

Fig. 12 is a block diagram showing the structure of the 
security communication packet processing apparatus 300 
according to the third embodiment of the present invention. 
The security communication packet processing apparatus 300 
in this embodiment is an example of an apparatus which is 
characterized by having plural encryption processing units, 
plural data block accumulation units and plural authentication 
processing units whose manner of connection is not fixed and 
can be dynamically determined. It comprises one encryption 
and authentication processing control unit 301, one data path 
connection switching unit 302, two encryption processing units 
303a, 303b, two data block accumulation units 304a, 304b, two 
authentication processing units 305a, 305b, and one packet 
construction unit 306. 

Note that the encryption processing units 303a, 303b, 
the data block accumulation units 304a, 304b, the 
authentication processing units 305a, 305b, and the packet 
construction unit 306 have the same functions as those of the 
encryption processing unit 102, the data block accumulation 
unit 103, the authentication processing unit 104 and the packet 
construction unit 105 according to the first embodiment. 
Further, ID numbers are allocated to the encryption processing 
units 303a, 303b, the authentication processing units 305a, 
305b, and the data block accumulation units 304a, 304b 
respectively so as to identify them uniquely. The third 
embodiment, particularly the points different from the first 
embodiment, will be explained as follows. 

The data path connection switching unit 302 is a selector 
circuit or the like that, under the control of the encryption and 
authentication processing control unit 301, can connect (or 
leave unconnected), respectively and independently, the output 
of the encryption and authentication processing control unit 
301 and the input of the encryption processing unit 303a or 
303b, the output of the encryption and authentication 
processing control unit 301 and the input of the authentication 
processing unit 305a or 305b, the output of the encryption 
processing unit 303a and the input of the data block 
accumulation unit 304a or 304b, the output of the encryption 
processing unit 303b and the input of the data block 
accumulation unit 304a or 304b, the output of the data block 
accumulation unit 304a and the input of the authentication 
processing unit 305a or 305b, and the output of the data block 
accumulation unit 304b and the input of the authentication 
processing unit 305a or 305b. 

The encryption and authentication processing control 
unit 301 has a function to control the data path connection 
switching unit 302 so that only the necessary ones among the 
components are connected dynamically, in order to use the six 
components 303a, 303b, 304a, 304b, 305a and 305b 
effectively as resources, in addition to the functions of the 
encryption and authentication processing control unit 101 of 
the first embodiment. 

Fig. 13 is a flowchart showing an operation procedure of 
the security communication packet processing apparatus 300. 
The encryption and authentication processing control unit 301 
receives a packet which should be processed and the 
processing information thereof from outside, judges the type of 
the packet, that is, the need for the encryption (or the 
decryption) processing and for the authentication processing 
respectively, based on the contents of the processing 
information, and specifies the encryption processing unit 303a 
or 303b, the data block accumulation unit 304a or 304b, and 
the authentication processing unit 305a or 305b that can 
perform the necessary processing (or are ready for processing) 
(Step 311). 

Then, the encryption and authentication processing 
control unit 301 gives a connection command to the data path 
connection switching unit 302 so that each of the specified 
processing units is connected in the manner depending upon 
the packet type (Step 312). Here, the "connection command" 
may be something expressed by the ID number of each 
processing unit to be connected, or a control signal of a 
selector. When it is judged that the packet is a transmitting 
packet of the first type, the encryption and authentication 
processing control unit 301 gives the data path connection 
switching unit 302 a command of connecting the output of the 
encryption and authentication processing control unit 301 and 
the input of the encryption processing unit 303b, a command of 
connecting the output of the encryption processing unit 303b 
and the input of the data block accumulation unit 304b, and a 
command of connecting the output of the data block 
accumulation unit 304b and the input of the authentication 
processing unit 305b. 

When the connection is completed, the data path connection switching unit 302 outputs a READY signal indicating the completion of the connection to the encryption and authentication processing control unit 301 (Step 313).

When the encryption and authentication processing control unit 301 receives the READY signal, it divides the packet to be processed into the data blocks required for the processing, and outputs them along with the processing information thereof to the specified ones of the processing units 303a, 303b, 305a and 305b via the data path connection switching unit 302. Thereby, the necessary encryption (or decryption) processing, the necessary authentication processing and the reconstruction of the packet are performed according to the processing procedure described in the first embodiment (Step 314).

Next, the detailed operations for the four types of packets described in the first embodiment, when they are inputted to the security communication packet processing apparatus 300, will be explained for each packet type.

First, the processing in the case that a packet of the first type, that is, a transmitting packet that requires both encryption processing and authentication processing, is inputted to the security communication packet processing apparatus 300 is explained. As the first step, the encryption and authentication processing control unit 301 receives a packet to be processed and the processing information thereof, judges based on the contents of the processing information that it is a transmitting packet that requires both encryption processing and authentication processing, and judges which of the encryption processing units, the data block accumulation units and the authentication processing units are ready for processing according to the method described in the second embodiment.

Here, when the encryption processing unit 303b, the data block accumulation unit 304b and the authentication processing unit 305b are ready for processing, for example, the encryption and authentication processing control unit 301, as the second step, gives the data path connection switching unit 302 a command of connecting the output of the encryption and authentication processing control unit 301 and the input of the encryption processing unit 303b, a command of connecting the output of the encryption processing unit 303b and the input of the data block accumulation unit 304b, and a command of connecting the output of the data block accumulation unit 304b and the input of the authentication processing unit 305b.

As the third step, the data path connection switching unit 302 connects the respective processing units according to the given connection commands, and after completing the connection, it outputs a READY signal indicating the completion of the connection to the encryption and authentication processing control unit 301.

As the fourth step, when the encryption and authentication processing control unit 301 receives the READY signal from the data path connection switching unit 302, it divides the packet to be processed into data blocks for the encryption processing, and outputs them along with the processing information thereof to the encryption processing unit 303b. The following processing is performed according to the processing method for a transmitting packet of the first type described in the first embodiment.

Next, the processing in the case that a packet of the second type, that is, a receiving packet that requires both decryption processing and authentication processing, is inputted to the security communication packet processing apparatus 300 is explained. As the first step, the encryption and authentication processing control unit 301 receives a packet to be processed and the processing information thereof, judges based on the contents of the processing information that it is a receiving packet that requires both decryption processing and authentication processing, and judges which of the encryption (decryption) processing units and the authentication processing units are ready for processing.
Here, when the encryption processing unit 303b and the authentication processing unit 305b are ready for processing, for example, the encryption and authentication processing control unit 301, as the second step, gives the data path connection switching unit 302 a command of connecting the output of the encryption and authentication processing control unit 301 and the input of the encryption processing unit 303b, and a command of connecting the output of the encryption and authentication processing control unit 301 and the input of the authentication processing unit 305b.

As the third step, the data path connection switching unit 302 connects the encryption and authentication processing control unit 301 and the encryption processing unit 303b, and the encryption and authentication processing control unit 301 and the authentication processing unit 305b, according to the given connection commands, and after completing the connection, it outputs a READY signal to the encryption and authentication processing control unit 301.

As the fourth step, the encryption and authentication processing control unit 301 duplicates the packet in the same manner as described in the first embodiment, divides one copy of the packet into data blocks for the decryption processing and outputs them to the encryption processing unit 303b, and divides the other copy into data blocks for the authentication processing and outputs them to the authentication processing unit 305b. The following processing is performed according to the processing method for a packet of the second type described in the first embodiment.

Next, the processing in the case that a packet of the third type, that is, a packet that requires either encryption processing or decryption processing but no authentication processing, is inputted to the security communication packet processing apparatus 300 is explained. As the first step, the encryption and authentication processing control unit 301 receives a packet to be processed and the processing information thereof, judges based on the contents of the processing information that it is a packet that requires either encryption processing or decryption processing, and judges which encryption processing unit is ready for processing.

Here, when the encryption processing unit 303b is ready for processing, for example, the encryption and authentication processing control unit 301, as the second step, gives the data path connection switching unit 302 a command of connecting the output of the encryption and authentication processing control unit 301 and the input of the encryption processing unit 303b.

As the third step, the data path connection switching unit 302 connects the encryption and authentication processing control unit 301 and the encryption processing unit 303b according to the given connection command, and after completing the connection, it outputs a READY signal to the encryption and authentication processing control unit 301.

As the fourth step, the encryption and authentication processing control unit 301 divides the packet into data blocks for the encryption (or decryption) processing and outputs them to the encryption processing unit 303b. The following processing is performed according to the processing method for a packet of the third type described in the first embodiment.

Finally, the processing in the case that a packet of the fourth type, that is, a packet that requires only authentication processing, is inputted to the security communication packet processing apparatus 300 is explained. As the first step, the encryption and authentication processing control unit 301 receives a packet to be processed and the processing information thereof, judges based on the contents of the processing information that it is a packet that requires only the authentication processing, and judges which authentication processing unit is ready for processing.

Here, when the authentication processing unit 305b is ready for processing, for example, the encryption and authentication processing control unit 301, as the second step, gives the data path connection switching unit 302 a command of connecting the output of the encryption and authentication processing control unit 301 and the input of the authentication processing unit 305b.

As the third step, the data path connection switching unit 302 connects the encryption and authentication processing control unit 301 and the authentication processing unit 305b according to the given connection command, and after completing the connection, it outputs a READY signal to the encryption and authentication processing control unit 301.

As the fourth step, the encryption and authentication processing control unit 301 divides the packet into data blocks for the authentication processing and outputs them to the authentication processing unit 305b. The following processing is performed according to the processing method for a packet of the fourth type described in the first embodiment.
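The control flow of Fig. 13 (Steps 311 to 314) and the four packet-type cases described above, simulated in Python as an added example that is not part of the patent: the control unit classifies the packet from its processing information, picks ready units from the 303x/304x/305x pools, issues the connection commands to the data path connection switching unit 302, waits for READY, and then streams data blocks through the connected path. The 16-byte cipher block, the 64-byte authentication block, the XOR placeholder standing in for the cipher, HMAC-SHA256 as the authentication algorithm, and the names `process_packet`, `roundtrip` and the fields of the `info` dictionary are assumptions made for the illustration.

```python
"""Simulation of the Fig. 13 control flow (Steps 311 to 314) for the four packet types.
Added example, not the patent's code.  Assumed: 16-byte cipher block, 64-byte authentication
block, a XOR placeholder instead of a real cipher, HMAC-SHA256 as the authentication algorithm."""
import hmac
ENC_BLOCK, AUTH_BLOCK = 16, 64   # assumed block sizes (bytes)

class Unit:
    def __init__(self, name):
        self.name, self.busy = name, False       # busy = occupied by a packet in processing

class EncUnit(Unit):                             # encryption processing unit 303a/303b
    def process(self, block, key):               # XOR placeholder: symmetric, NOT a real cipher
        return bytes(b ^ key[i % len(key)] for i, b in enumerate(block))

class AccumUnit(Unit):                           # data block accumulation unit 304a/304b
    def __init__(self, name):
        super().__init__(name)
        self.buf = b""
    def push(self, block):
        """Return one complete authentication block once available, else b''."""
        self.buf += block
        if len(self.buf) < AUTH_BLOCK:
            return b""
        out, self.buf = self.buf[:AUTH_BLOCK], self.buf[AUTH_BLOCK:]
        return out
    def flush(self):
        out, self.buf = self.buf, b""
        return out

class AuthUnit(Unit):                            # authentication processing unit 305a/305b
    def start(self, key):
        self.mac = hmac.new(key, digestmod="sha256")
    def process(self, block):
        self.mac.update(block)
    def finish(self):
        return self.mac.digest()

def connect(app, commands):
    """Steps 312 and 313: switching unit 302 records the commanded links and signals READY."""
    app["links"] = [(src.name, dst.name) for src, dst in commands]
    return "READY"

def classify(info):
    """Step 311: packet type 1..4 of the first embodiment, from the processing information."""
    if info["encrypt"] and info["authenticate"]:
        return 1 if info["outbound"] else 2
    return 3 if info["encrypt"] else 4

def pick_ready(pool):                            # Step 311: any unit that is not occupied
    return next(u for u in pool if not u.busy)

def blocks(data, size):
    return [data[i:i + size] for i in range(0, len(data), size)]

def make_apparatus():
    return {"ctrl": Unit("301"), "links": [],
            "enc": [EncUnit("303a"), EncUnit("303b")],
            "acc": [AccumUnit("304a"), AccumUnit("304b")],
            "auth": [AuthUnit("305a"), AuthUnit("305b")]}

def process_packet(app, payload, info):
    """Steps 311 to 314 for one packet; returns (output bytes, authentication tag or None)."""
    ptype = classify(info)
    enc = pick_ready(app["enc"]) if ptype in (1, 2, 3) else None
    acc = pick_ready(app["acc"]) if ptype == 1 else None
    auth = pick_ready(app["auth"]) if ptype in (1, 2, 4) else None
    ctrl = app["ctrl"]
    cmds = {1: [(ctrl, enc), (enc, acc), (acc, auth)],   # encrypt -> accumulate -> authenticate
            2: [(ctrl, enc), (ctrl, auth)],              # duplicated packet: decrypt and authenticate
            3: [(ctrl, enc)], 4: [(ctrl, auth)]}[ptype]
    assert connect(app, cmds) == "READY"
    units = [u for u in (enc, acc, auth) if u is not None]
    for u in units:
        u.busy = True
    out = payload                                        # Step 314
    if auth:
        auth.start(info["auth_key"])
    if ptype == 1:
        out = b""
        for blk in blocks(payload, ENC_BLOCK):
            c = enc.process(blk, info["enc_key"])
            out += c
            auth.process(acc.push(c))                    # empty until an auth block is complete
        auth.process(acc.flush())                        # trailing partial block
    else:
        if enc:
            out = b"".join(enc.process(b, info["enc_key"]) for b in blocks(payload, ENC_BLOCK))
        if auth:                                         # tag over the packet as received
            for blk in blocks(payload, AUTH_BLOCK):
                auth.process(blk)
    tag = auth.finish() if auth else None
    for u in units:
        u.busy = False
    return out, tag

def roundtrip(payload, enc_key, auth_key):
    """Type 1 on the sender, type 2 on the receiver; returns (recovered plaintext, tags match)."""
    both = dict(encrypt=True, authenticate=True, enc_key=enc_key, auth_key=auth_key)
    ct, tag = process_packet(make_apparatus(), payload, dict(both, outbound=True))
    pt, tag2 = process_packet(make_apparatus(), ct, dict(both, outbound=False))
    return pt, hmac.compare_digest(tag, tag2)
```

`roundtrip(b"constructed sample payload " * 5, b"\x5a" * ENC_BLOCK, b"k" * 32)` runs a first-type packet through one apparatus and the resulting second-type packet through another. The two tags agree because both are computed over the ciphertext: the sender's through the accumulation unit, which hands the authentication unit one 64-byte block at a time, and the receiver's over the duplicated packet as received, so the receiver can verify before it trusts the decrypted data.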
As described above, according to the security communication packet processing apparatus 300 of this embodiment, providing the data path connection switching unit 302 for connecting the respective processing units via various paths realizes a flexible structure in which a set of one encryption processing unit, one data block accumulation unit and one authentication processing unit is not always occupied fixedly: an encryption processing unit can input data blocks to an arbitrary data block accumulation unit which is ready for processing, and a data block accumulation unit can input data blocks to an arbitrary authentication processing unit which is ready for processing. That is, since the encryption processing units, the data block accumulation units and the authentication processing units can be combined flexibly, they can be used effectively. Further, such operations as providing further encryption processing units and authentication processing units, or replacing an encryption processing unit mounting one encryption algorithm with an encryption processing unit mounting another encryption algorithm, can be realized easily.

Next, the security communication packet processing 
apparatus according to the fourth embodiment of the present 
invention will be explained. 

Fig. 14 is a block diagram showing a structure of the 
security communication packet processing apparatus 400 
according to the fourth embodiment of the present invention. 
The security communication packet processing apparatus 400 
according to the fourth embodiment comprises a structure in 
which six saving areas (or processing data saving units) which 
are respectively connected to two encryption processing units, 
two data block accumulation units and two authentication units 
are added to the security communication packet processing 
apparatus 300 according to the third embodiment. In other 
words, the security communication packet processing 
apparatus 400 comprises one encryption and authentication 
processing control unit 401, one data path connection 
switching unit 402, two encryption processing units 403a and 
403b, two data block accumulation units 404a and 404b, two 
authentication processing units 405a and 405b, six processing 
data saving units 406a, 406b, 406c, 406d, 406e and 406f, and 
one packet construction unit 407. The fourth embodiment, 
particularly the points different from the third embodiment, will 
be explained as follows. 

The six processing data saving units 406a, 406b, 406c, 406d, 406e and 406f are memories or the like having storage areas for temporarily saving all the data that are being processed in the corresponding encryption processing units 403a and 403b, data block accumulation units 404a and 404b, and authentication processing units 405a and 405b, respectively.

Note that, although according to the fourth embodiment the encryption and authentication processing control unit 401 receives the four types of packets and the processing information thereof as described in the first embodiment, the processing information is supposed here to include, in addition, information on the priority of processing the packets. The "information on the priority" is expressed by a number, for example. These numbers are allocated according to the Type of Service (ToS) bits included in the IP header, for example.

The encryption and authentication processing control unit 401 performs processing for allocating the resources (that is, the encryption processing units, the data block accumulation units and the authentication processing units) depending upon the priority of the inputted packet, in addition to the functions of the encryption and authentication processing control unit 301. More specifically, when all the resources required for the encryption (or the decryption) processing and the authentication processing are occupied at the time the packet is inputted, the encryption and authentication processing control unit 401 specifies, among those resources, the one which is processing the packet with the lowest priority, and saves the processing data thereof in the corresponding processing data saving unit so as to release the resource. In other words, the encryption and authentication processing control unit 401 performs control so that a packet with a higher priority is processed earlier.

Fig. 15 is a flowchart showing an operation procedure of 
the security communication packet processing apparatus 400. 

The encryption and authentication processing control unit 401 receives a packet to be processed and the processing information thereof, and then judges based on the processing information whether the processing units required for the processing of the packet are ready for processing or not (Step 411). When the required processing units are ready for processing ("Yes" in Step 411), the encryption and authentication processing control unit 401 outputs the data blocks and the processing information thereof to the processing units and makes them proceed with the processing (Step 412), following the processing procedure of the third embodiment (Steps 311 to 314 in Fig. 13).

On the other hand, when all the processing units required for the processing of the packet are occupied ("No" in Step 411), the encryption and authentication processing control unit 401 gives the processing unit which is processing the packet with the lowest priority a command of saving the data in the middle of processing in the processing data saving unit connected to that processing unit (Step 413). When the processing unit receives the saving command, it saves the data in the middle of processing and the processing information thereof in the processing data saving unit, and after completing the saving, it outputs a READY signal to the encryption and authentication processing control unit 401 (Step 414).

When the encryption and authentication processing control unit 401 receives the READY signal, it outputs the data blocks and the processing information thereof to the released processing unit, and makes it proceed with the processing (Step 415), following the processing procedure of the third embodiment (Steps 311 to 314 in Fig. 13). After all the processing for the packet which was processed by priority is completed, the processing unit reads out the data in the middle of processing from the processing data saving unit and restarts the processing for the saved packet (Step 416).

As described above, according to the security communication packet processing apparatus 400 of the fourth embodiment, the processing data saving units 406a, 406b, 406c, 406d, 406e and 406f are provided in addition to the structure of the third embodiment. Therefore, control of processing packets by priority becomes possible in addition to the effects described in the third embodiment.

Note that although the processing data saving units are provided respectively for all the encryption processing units, the data block accumulation units and the authentication processing units, the present invention is not limited to the above structure. The processing data saving units may be provided for the encryption processing units only, for example; that is, the processing data saving units may be provided respectively for arbitrary processing units. Also, this embodiment can be applied to the security communication packet processing apparatus 200 according to the second embodiment. The processing in this case can be realized in the same manner as above.

Further, according to this embodiment, when all the required processing units are occupied at the time a packet is inputted to the encryption and authentication processing control unit 401, the processing unit which is processing the packet with the lowest priority among the packets in the middle of processing is released compulsorily regardless of the priority of the inputted packet; however, a comparison with the priority of the inputted packet may be added as a condition of releasing. That is, for example, only a processing unit which is processing a packet with a lower priority than that of the inputted packet, and with the lowest priority among the packets in the middle of processing, may be released compulsorily.

Further, as a parameter for determining the processing unit which is to be released compulsorily, not only the priority of a packet but also the packet size, the number of steps required for the processing, the number of remaining steps until the processing of the packet in the middle of processing is completed, and so on may be used.

Next, the security communication packet processing 
apparatus according to the fifth embodiment of the present 
invention will be explained. 

Fig. 16 is a diagram showing a structure of the security communication packet processing apparatus 500 according to the fifth embodiment of the present invention. The security communication packet processing apparatus 500 according to the fifth embodiment comprises a structure in which a data saving area (a processing data saving unit) common to two encryption processing units, two data block accumulation units and two authentication processing units is added to the security communication packet processing apparatus 200 according to the second embodiment. In other words, the security communication packet processing apparatus 500 comprises a packet processing module including an encryption processing unit 502a, a data block accumulation unit 503a, an authentication processing unit 504a and a packet construction unit 506a, a packet processing module including an encryption processing unit 502b, a data block accumulation unit 503b, an authentication processing unit 504b and a packet construction unit 506b, an encryption and authentication processing control unit 501 and a processing data saving unit 505.

The processing data saving unit 505 is a memory or the like that is connected to the encryption processing units 502a and 502b, the data block accumulation units 503a and 503b, and the authentication processing units 504a and 504b, and has a memory area for temporarily saving all the data in the middle of processing in these processing units.

Note that although, according to the fifth embodiment, the encryption and authentication processing control unit 501 receives the four types of packets described in the first embodiment and the processing information thereof in the same manner as in the fourth embodiment, the processing information is supposed to include the information on the priority of processing the packets.

The encryption and authentication processing control unit 501 performs processing for allocating the resources (the packet processing modules) depending upon the priority of the inputted packet, in addition to the functions of the encryption and authentication processing control unit 201 according to the second embodiment. More specifically, when all the resources required for the encryption (or the decryption) processing and the authentication processing are occupied at the time the packet is inputted, the encryption and authentication processing control unit 501 specifies the resource which is processing the packet with the lowest priority among them and saves the data in the middle of processing in the processing data saving unit 505 so as to release the resource. In other words, the encryption and authentication processing control unit 501 performs control so that a packet of higher priority is processed earlier.

Fig. 17 is a flowchart showing an operation procedure of the security communication packet processing apparatus 500. First, the encryption and authentication processing control unit 501 receives a packet to be processed and the processing information thereof, and then judges based on the processing information whether the processing unit required for the processing of the packet is ready for processing or not (Step 511). When the required processing unit is ready for processing ("Yes" in Step 511), the encryption and authentication processing control unit 501 outputs the data blocks and the processing information thereof to the processing unit and makes it proceed with the processing (Step 512), following the processing procedure of the second embodiment (Steps 211 to 212 in Fig. 11).

On the other hand, when all the processing units required for the processing of the packet are occupied ("No" in Step 511), the encryption and authentication processing control unit 501 gives the processing unit which is processing the packet with the lowest priority a command of saving the data in the middle of processing, along with the address of the saving destination in the processing data saving unit 505 (Step 513). When the processing unit receives the saving command, it saves the data in the middle of processing and the processing information thereof at the specified address of the processing data saving unit 505, and after completing the saving, it outputs a READY signal to the encryption and authentication processing control unit 501 (Step 514).

When the encryption and authentication processing control unit 501 receives the READY signal, it outputs the data blocks and the processing information thereof to the released processing unit, and makes it proceed with the processing (Step 515), following the processing procedure of the second embodiment (Steps 211 to 212 in Fig. 11). After all the processing for the packet which was processed by priority is completed, or when another processing unit sharing the processing data saving unit 505 reaches the ready-for-processing state, that processing unit reads out the saved data in the middle of processing from the processing data saving unit 505 and restarts the processing for the saved packet (Step 516).

As described above, according to the security communication packet processing apparatus 500 of the fifth embodiment, the processing data saving unit 505 shared by the encryption processing units 502a and 502b, the data block accumulation units 503a and 503b and the authentication processing units 504a and 504b is provided in addition to the structure of the second embodiment. Therefore, in addition to the effects described in the second embodiment, not only does control of processing packets by priority become possible, but the processing data saving unit can also be used more effectively than in the fourth embodiment, in which a processing data saving unit is provided dedicated to each processing unit.
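The priority-driven allocation of the fourth embodiment (Fig. 15, Steps 411 to 416, including the release-condition variants described with it) and of the fifth embodiment (Fig. 17, Steps 511 to 516), simulated in Python as an added example that is not part of the patent. `shared_slots=None` models dedicated saving units 406a to 406f, where a saved packet can only resume on the unit it was saved from; `shared_slots=k` models one saving unit 505 with k addresses, where any unit that becomes ready can resume a saved packet. The ToS-to-priority mapping, the step-counted work model, the rule that saved packets resume before newly queued ones, and the names `Controller`, `simulate` and `SCENARIO` are assumptions made for the illustration.

```python
"""Priority-driven allocation with a saving area (fourth embodiment, Fig. 15 Steps 411-416,
with its release-condition variants; fifth embodiment, Fig. 17 Steps 511-516).  Added
example, not the patent's code.  Assumptions: the IP precedence bits of the ToS byte give
the priority, a packet's work is a count of steps, a saved packet resumes on the unit it
was saved from (dedicated saving units 406x) or on any ready unit (shared saving unit 505),
and saved packets resume before newly queued ones."""
from collections import deque

def priority_from_tos(tos):
    """Assumed mapping: the three precedence bits of the ToS byte, 7 = highest priority."""
    return (tos >> 5) & 0x7

class Job:
    """A packet in processing: name, priority and remaining processing steps."""
    def __init__(self, name, prio, steps):
        self.name, self.prio, self.remaining = name, prio, steps

class Unit:
    """A processing unit; it holds at most one job."""
    def __init__(self, name):
        self.name, self.job = name, None

    def step(self):
        """Advance one step; return the finished job's name, or None."""
        if self.job is None:
            return None
        self.job.remaining -= 1
        if self.job.remaining:
            return None
        name, self.job = self.job.name, None
        return name

class Controller:
    """Control unit 401 (shared_slots=None) or 501 (shared_slots = addresses in unit 505)."""
    def __init__(self, units, shared_slots=None, release_only_lower=False):
        self.units, self.shared_slots = units, shared_slots
        self.release_only_lower = release_only_lower
        self.saved = {}                    # dedicated: unit name -> Job; shared: address -> Job
        self.waiting, self.log = deque(), []

    def save_key(self, unit):
        """Where this unit's in-progress data could be saved, or None if there is no room."""
        if self.shared_slots is None:
            return None if unit.name in self.saved else unit.name
        return next((a for a in range(self.shared_slots) if a not in self.saved), None)

    def submit(self, job):
        free = next((u for u in self.units if u.job is None), None)
        if free is not None:                                    # Step 411/511 "Yes"
            free.job = job
            self.log.append(("run", job.name, free.name))
            return
        # Step 411/511 "No": release the unit whose packet has the lowest priority
        cands = [u for u in self.units if self.save_key(u) is not None]
        victim = min(cands, key=lambda u: u.job.prio, default=None)
        if victim is None or (self.release_only_lower and victim.job.prio >= job.prio):
            self.waiting.append(job)                             # nothing may be released: queue
            self.log.append(("queue", job.name, None))
            return
        key = self.save_key(victim)
        self.saved[key] = victim.job                             # Steps 413-414 / 513-514
        victim.job = job                                         # Step 415 / 515
        self.log.append(("preempt", job.name, f"{victim.name}->save[{key}]"))

    def resume(self, unit):
        """Step 416 / 516: the saved job this now-ready unit continues, if any."""
        if self.shared_slots is None:
            return self.saved.pop(unit.name, None)
        if not self.saved:
            return None
        key = max(self.saved, key=lambda a: (self.saved[a].prio, -a))   # highest priority first
        return self.saved.pop(key)

    def tick(self):
        done = [n for n in (u.step() for u in self.units) if n]
        for u in self.units:
            if u.job is None:
                u.job = self.resume(u)
        while self.waiting and any(u.job is None for u in self.units):
            self.submit(self.waiting.popleft())
        return done

def simulate(arrivals, shared_slots=None, release_only_lower=False, ticks=32):
    """arrivals: (tick, name, tos, steps). Returns ([(job, finishing tick), ...], decision log)."""
    ctl = Controller([Unit("a"), Unit("b")], shared_slots, release_only_lower)
    finished = []
    for t in range(ticks):
        for at, name, tos, steps in arrivals:
            if at == t:
                ctl.submit(Job(name, priority_from_tos(tos), steps))
        finished += [(n, t) for n in ctl.tick()]
    return finished, ctl.log

# Constructed scenario: two routine packets, then an urgent one while both units are occupied.
SCENARIO = [(0, "A", 0x20, 5), (0, "B", 0x40, 2), (1, "C", 0xE0, 4)]

if __name__ == "__main__":
    print("dedicated saving units:", simulate(SCENARIO))
    print("shared saving unit:    ", simulate(SCENARIO, shared_slots=4))
```

With the constructed scenario, packet C displaces the lowest-priority packet A on unit a. Under dedicated saving units A can only resume on unit a, so unit b sits idle after B completes and A finishes at tick 8; with the shared saving unit A resumes on unit b as soon as it is free and finishes at tick 5, which is the better utilisation the fifth embodiment claims. Passing `release_only_lower=True` applies the variant in which an inputted packet may only displace a packet of lower priority; a packet that cannot displace anything is queued until a unit becomes ready.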

Note that although, according to the fifth embodiment, the processing data saving unit is provided common to all the encryption processing units, the data block accumulation units and the authentication processing units, the present invention is not limited to the above structure. The processing data saving unit may be provided for the encryption processing units only, for example; that is, the processing data saving unit may be provided common to an arbitrary combination of the processing units.

Also, the technique for sharing the data saving area according to the fifth embodiment can be applied to the security communication packet processing apparatus 300 according to the third embodiment. More specifically, as in the security communication packet processing apparatus 600 shown in Fig. 18, a data saving area (a processing data saving unit 606) shared by the encryption processing units 602a and 602b, the data block accumulation units 603a and 603b and the authentication processing units 604a and 604b may be added. In this case, an encryption and authentication processing control unit 601 gives a data path connection switching unit 602 a command of connecting the processing unit whose data in the middle of processing is to be saved and the processing data saving unit 606, so as to make it possible to save the data.

As shown in the above-mentioned five embodiments of the present invention, since the unit of processing for performing both encryption processing and authentication processing is, according to the present invention, a data block of the size necessary and sufficient for that processing, speeding up and reducing the delay of the encryption processing and the authentication processing can be realized compared with the prior art, in which the unit of processing is a whole packet.

Also, when both encryption processing and authentication processing are performed according to the present invention, the data blocks after the encryption processing are accumulated until they reach the size of the data block necessary and sufficient for the authentication processing, and the authentication processing is performed as soon as the accumulated data becomes equal in size to a data block for the authentication processing. Therefore, the present invention can contribute to saving the memory resources for buffering the data blocks after the encryption processing.
Also, since two or more encryption processing units and/or authentication processing units are provided according to the present invention, simultaneous processing of plural packets becomes possible and the throughput of the security processing of the packets can be improved.

Further, according to the present invention, by providing the data path connection switching unit, the encryption processing units, the data block accumulation units and the authentication processing units need not always correspond fixedly to one another even when there are plural encryption processing units and/or authentication processing units. That is, since the data blocks requiring the authentication processing after the encryption processing can be outputted to an arbitrary data block accumulation unit, and the output of the data block accumulation unit can be outputted to an arbitrary authentication processing unit, the encryption processing units, the data block accumulation units and the authentication processing units can be used more effectively, and the encryption processing units and the authentication processing units can be replaced easily and their number can be increased easily.

Further, by providing the processing data saving unit, the packet processing need not always be performed in the order of input to the security communication packet processing apparatus, and the processing order can be manipulated according to the packet priority and other parameters.

Still further, according to the present invention, by sharing the processing data saving unit among an arbitrary combination of the encryption processing units, the authentication processing units and the data block accumulation units, an arbitrary encryption processing unit or authentication processing unit that shares the processing data saving unit and is ready for processing can process a data block waiting in the processing data saving unit, so that the encryption processing units and the authentication processing units can be used more effectively.

Although the security communication packet processing apparatus according to the present invention was explained based on the five embodiments, the present invention is not limited to these embodiments.

That is, other embodiments of various manners can be realized by combining features of these five embodiments. For example, a security communication packet processing apparatus in which processing data saving units are connected dedicatedly to the respective processing units 202a, 202b, 203a, 203b, 204a and 204b of the security communication packet processing apparatus 200 shown in Fig. 10 can be realized by applying the feature of the fourth embodiment (that is, providing a processing data saving unit for each processing unit) to the second embodiment.

Further, the security communication packet processing apparatus according to the second through fifth embodiments, as well as the first embodiment, can of course be incorporated in a communication device such as a security gateway or a computer device.

INDUSTRIAL APPLICABILITY

The security communication packet processing apparatus according to the present invention is applicable to a communication relay station that connects various communication networks, a security gateway that functions as a router and a firewall, and a communication device that securely connects a WAN, that is, a public network such as the Internet, and a LAN, that is, a non-public network that connects plural computers for in-house use.